﻿using System;
using System.Data;
using System.Data.OleDb;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.IO;
using Bass.Tools;
using MySql.Data.MySqlClient;

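/// <summary>
/// Code-behind for the "add administrator" page. Only a logged-in super
/// administrator may use it; the page inserts a new row into admin_info.
/// </summary>
public partial class admin_add_admin : System.Web.UI.Page
{
    // Characters the user-name validator rejects.
    private static readonly char[] ForbiddenNameChars = new char[] { '\'', '%', '<', '>', '&', '|' };

    /// <summary>
    /// True when the session belongs to a logged-in administrator of kind "super".
    /// Convert.ToString maps a missing session entry to the empty string.
    /// </summary>
    private bool IsSuperAdmin()
    {
        return Convert.ToString(Session["adminname"]) != ""
            && Convert.ToString(Session["adminkind"]) == "super";
    }

    /// <summary>
    /// Enforces the access check and, on the first request, fills the
    /// administrator-kind drop-down list.
    /// </summary>
    protected void Page_Load(object sender, EventArgs e)
    {
        if (Convert.ToString(Session["adminname"]) == "")
        {
            Response.Write("<script language=javascript>alert('您没有登录');window.parent.document.location.href ='admin_login.aspx'</script>");
            // Writing the redirect script alone does not stop the page life cycle:
            // postback handlers (including the insert in Button1_Click) would still
            // run for an unauthenticated request. End the response here.
            Response.End();
            return;
        }
        if (Convert.ToString(Session["adminkind"]) != "super")
        {
            Response.Write("<script language=javascript>alert('您不是超级管理员，无权访问此页！');location='admin_login.aspx'</script>");
            // Same reasoning as above: stop processing for non-super administrators.
            Response.End();
            return;
        }

        if (!IsPostBack)
        {
            // Items are added only on the first load; later postbacks rely on
            // view state to restore them.
            adminkind.Items.Add(new ListItem("产品管理员", "product"));
            adminkind.Items.Add(new ListItem("用户管理员", "user"));
        }
    }

    /// <summary>Clears the user-name and password inputs.</summary>
    protected void ClearTextBox()
    {
        adminname.Text = string.Empty;
        adminpwd.Text = string.Empty;
    }

    /// <summary>Reset button: clears the form.</summary>
    protected void Button2_Click(object sender, EventArgs e)
    {
        ClearTextBox();
    }

    /// <summary>
    /// Submit button: creates the administrator unless the name already exists.
    /// </summary>
    protected void Button1_Click(object sender, EventArgs e)
    {
        // Defence in depth: never reach the database without a super-admin session,
        // even if the check in Page_Load is changed later.
        if (!IsSuperAdmin())
        {
            return;
        }

        // NOTE(review): the result of CustomValidator1_ServerValidate is not consulted
        // here (no Page.IsValid check). The queries below are parameterized, so the
        // validator is not what protects the SQL; confirm in the .aspx whether the
        // button validates and whether a Page.IsValid guard should be added.

        // Read the connection string.
        // NOTE(review): this path resolves inside the web application tree; confirm
        // the server is configured not to serve .properties files to clients.
        string propertiesPath = Server.MapPath("../mysqldb.properties");
        mytools mt = new mytools();
        string ConnString = mt.getMysqlConn(propertiesPath);

        string adminname1 = adminname.Text.ToString();
        string adminpwd1 = adminpwd.Text.ToString();
        // SECURITY: unsalted MD5 is not suitable for password storage, and this API is
        // obsolete. It is kept because whatever verifies logins is outside this file
        // and presumably compares against the same format; migrate both sides
        // together to a salted, slow hash (e.g. PBKDF2).
        string pwd_md5 = System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(adminpwd1, "md5");
        string adminkind1 = adminkind.SelectedItem.Value;

        // Open the connection; 'using' closes it even when a query throws.
        using (MySqlConnection myConnection = new MySqlConnection(ConnString))
        {
            myConnection.Open();

            // User input is bound as parameters instead of being concatenated into
            // the SQL text, which removes the injection path through adminname.
            int count;
            using (MySqlCommand sun = new MySqlCommand(
                "select count(*) from admin_info where adminname=@adminname", myConnection))
            {
                sun.Parameters.AddWithValue("@adminname", adminname1);
                count = Convert.ToInt32(sun.ExecuteScalar());
            }

            if (count > 0)
            {
                Response.Write("<script lanuage=javascript>alert('添加管理员失败！该管理员名称已经存在！');location ='add_admin.aspx'</script>");
            }
            else
            {
                // NOTE(review): the count-then-insert sequence is not atomic; two
                // concurrent requests can both pass the check. A unique constraint on
                // adminname would be the reliable guard - confirm the schema.
                // The column order is positional, as in the original statement.
                using (MySqlCommand scd = new MySqlCommand(
                    "insert into admin_info values(@adminname,@adminpwd,@adminkind)", myConnection))
                {
                    scd.Parameters.AddWithValue("@adminname", adminname1);
                    scd.Parameters.AddWithValue("@adminpwd", pwd_md5);
                    scd.Parameters.AddWithValue("@adminkind", adminkind1);
                    scd.ExecuteNonQuery();
                }
                Response.Write("<script lanuage=javascript>alert('添加管理员成功！');location ='add_admin.aspx'</script>");
            }
        }
    }

    /// <summary>
    /// Server-side validation of the user name: invalid when it contains any of
    /// ' % &lt; &gt; &amp; |.
    /// </summary>
    protected void CustomValidator1_ServerValidate(object source, ServerValidateEventArgs args)
    {
        string adminname1 = this.adminname.Text.ToString();
        // The previous loop overwrote IsValid on every character, so only the last
        // character decided the outcome (e.g. "a'b" passed). Reject the name if a
        // forbidden character appears anywhere in it.
        args.IsValid = adminname1.IndexOfAny(ForbiddenNameChars) < 0;
    }

}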
